Submenu – Certificates

• The submenu Certificates is arranged in tabs. Each tab is dedicated to a specific type of globally stored certificate:
• Tab Server Certificates – lists of server certificates for virtual hosts. Certification authority (CA) chain, private keys, and root CA are also stored here.
• Tab Client Certificates – lists client certificates for back-ends. Certification authority (CA) chain, private keys, and root CA are also stored here.

• RSA and ECC certificates are supported.
• For Subject Alternative Name (SAN) certificates the domains covered by the SAN certificate are listed in the column Alternative Names. The domain names are also displayed wherever global certificates can be selected from a drop-down list.

Test certificates are generated during the initial installation and set-up of your Airlock Gateway. Add the final certificates for production use.

While the own Airlock Gateway and the back-ends can be configured with self-signed certificates, the certificates which are used for virtual hosts should be issued by well-trusted certificate authorities (CAs).

Certificates, including their Certification Authority (CA) chain, root CA and private keys, are globally stored in the Gateway. They appear in the certificate selection drop-down list of the SSL tabs.

Use the Add new... list-entry to create or store a new global certificate. This entry links to the Submenu – Certificates page.

• Certificate drop-down lists can be found here:
• For virtual hosts: Tab – SSL
• For back-ends: Tab – SSL
• For Gateway management access: Section – Management Access

• TLS/SSL Certificate creation
• Let's Encrypt as certificate provider
• Add or configure a new global SSL/TLS server certificate
• Add or configure a new global SSL/TLS client certificate